|
|
#1
6th Jan 2009, 19:18
|
|||
|
|||
|
I have found a way to block the virus Antispyware 2009/MS antispyware that hit my computer about 2 weeks ago.
however, the images on all websites (this one included) simply come up as that small box with the red square, blue triangle, and green circle with a description as to what the image should be. If i right click on the image and choose "show picture", the image will come up. how do I correct this? It might be something really simple (i'm not that techno savvy) or something left over from the anitspyware junk any help is appreciated. |
|
#2
6th Jan 2009, 20:19
|
|||
|
|||
|
Reset Web Settings
For IE 7 users: Open IE and select Internet Options, then the Advanced Tab and then the Reset... button under Reset Internet Explorer Settings. For IE 6 users: To Reset Web Settings:
Click Apply. Click Delete Cookies, Click Delete Files and select Delete all Offline content too, Click OK. When it finishes Click OK Quote:
__________________
 |
|
#3
6th Jan 2009, 21:02
|
|||
|
|||
|
I've tried doing this and it tells me all programs must be closed, even though i don't have anything running or internet pages up when i do so. .
|
|
#4
6th Jan 2009, 21:09
|
|||
|
|||
|
Please run this scan and post the log. Should take 10 minutes or less for a quick scan. That sounds like the malware is still there.
Download Malwarebytes' Anti-Malware (MBAM)
Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.
__________________
|
|
#5
6th Jan 2009, 21:10
|
|||
|
|||
|
i have downloaded this and run before. . i'll do it again.
thanks for the help. |
|
#6
6th Jan 2009, 21:31
|
|||
|
|||
|
it is taking a lot longer than 10 min. . i'm on a laptop with wireless. guess i should say it is a school laptop as well so probably has a lot of programs i don't know about.
|
|
#7
6th Jan 2009, 21:41
|
|||
|
|||
|
hope this is what you're looking for. .
Malwarebytes' Anti-Malware 1.31 Database version: 1456 Windows 5.1.2600 Service Pack 2 1/6/2009 11:39:56 PM mbam-log-2009-01-06 (23-39-56).txt Scan type: Quick Scan Objects scanned: 69262 Time elapsed: 28 minute(s), 51 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 11 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 2 Files Infected: 17 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall\spyware guard 2008 (Rogue.SpywareGuard) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\explorer.exe (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\fci (Rootkit.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\f ci (Rootkit.ADS) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\f ci (Rootkit.ADS) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\i cf (Rootkit.ADS) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\i cf (Rootkit.ADS) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\icf (Rootkit.ADS) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully. Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: C:\Program Files\Spyware Guard 2008 (Rogue.SpywareGuard) -> Quarantined and deleted successfully. C:\Program Files\Microsoft Common (Trojan.Agent) -> Quarantined and deleted successfully. Files Infected: C:\Program Files\Spyware Guard 2008\spywareguard.exe (Rogue.SpywareGuard) -> Quarantined and deleted successfully. C:\Program Files\Spyware Guard 2008\uninstall.exe (Rogue.SpywareGuard) -> Quarantined and deleted successfully. C:\Program Files\Microsoft Common\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system32\svchost.exe:ext.exe (Rootkit.ADS) -> Quarantined and deleted successfully. C:\WINDOWS\sysexplorer.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\WINDOWS\reged.exe (Rogue.SpywareGuard) -> Quarantined and deleted successfully. C:\WINDOWS\spoolsystem.exe (Rogue.SpywareGuard) -> Quarantined and deleted successfully. C:\WINDOWS\sys.com (Rogue.SpywareGuard) -> Quarantined and deleted successfully. C:\WINDOWS\syscert.exe (Rogue.SpywareGuard) -> Quarantined and deleted successfully. C:\WINDOWS\vmreg.dll (Rogue.SpywareGuard) -> Quarantined and deleted successfully. C:\WINDOWS\Temp\BN2.tmp (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\Temp\BN3.tmp (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\Temp\BN4.tmp (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\Temp\BN5.tmp (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\Temp\BN6.tmp (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\Temp\BN7.tmp (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\Temp\BN5E.tmp (Trojan.Agent) -> Quarantined and deleted successfully. |
|
#8
6th Jan 2009, 21:43
|
|||
|
|||
|
The malware was definitely not gone. You need to make sure it's completely removed or there will still be problems.
Download ComboFix© by sUBs from one of the below links. Be sure top save it to the Desktop. Link #1 Link #2 **Note: It is important that it is saved directly to your Desktop Close any open Web browsers. (Firefox, Internet Explorer, etc) before starting ComboFix. Temporarily disable your antivirus, and any antispyware real time protection before performing a scan. Click this link to see a list of security programs that should be disabled and how to disable them. Double click combofix.exe & follow the prompts. For Windows XP Systems install the Recovery Console: - If you are using Windows XP and do not already have the Recovery Console installed, please ensure your Internet connection is active (if possible) and click Yes. - If for some reason your Internet is not working click No. - If you are not using Windows XP, you will not be prompted. - When prompted to accept the EULA click OK. - Accept Microsoft's EULA (Click Yes). - When you are told that the RC is installed correctly click YES to continue scanning for malware. When finished ComboFix will produce a log for you. Post the ComboFix log and a new HijackThis log in your next reply. Important: Do not mouseclick ComboFix's window while it is running. That may cause it to stall. Remember to re-enable your antivirus and antispyware protection when ComboFix is complete.
__________________
|
|
#9
6th Jan 2009, 21:49
|
|||
|
|||
|
I appreciate the help and will do this tomorrow. thanks again.
|
|
#10
6th Jan 2009, 22:24
|
|||
|
|||
|
OK, I'll be here.
__________________
|
